Many enterprises have expansive networks that include a large number of network devices. These network environments allow data to be shared among the different network devices. One of the technical challenges that occurs in a network environment is controlling data leakage and unauthorized access to data. For example, a bad actor (e.g. a hacker) may connect a network device to a network to extract data and/or to perform other malicious activities.
Identifying malicious network devices in a large network also poses several technical challenges. Conventional systems typically detect malicious network devices after they have performed some kind of malicious activity. For example, since the malicious device is already connected to the network, the malicious network device is able to extract data and/or perform malicious activities before it is detected. Conventional systems are unable to preemptively identify malicious network device before they perform malicious activities which limits their abilities to provide information security and to control and monitor data access within the network.
Without the ability to control or monitor data access and movement the system is vulnerable to having sensitive data leave the network and/or allowing malicious data (e.g. viruses and spyware) to enter the network. Thus, it is desirable to provide a solution that provides the ability to control and monitor data access and movement within a network.